Conversation
…ocol/aztec-packages into si/fix-translation-evaluations
…sking term eval method
| Fr& operator[](size_t index) | ||
| { | ||
| ASSERT(index >= start_index && index < end_index()); | ||
| ASSERT(index >= start_index && index <= end_index()); |
There was a problem hiding this comment.
I was hitting this assert in commit_structured with active_regions. I think the inequality should be non-strict
There was a problem hiding this comment.
it's meant to be [start, end) so I'm suspicious this is a bug
There was a problem hiding this comment.
as far as i understand, it's consistent with this
auto poly_end = &polynomial[second];
scalars.insert(scalars.end(), poly_start, poly_end);
so the pointer is to the the element at position circuit_size, and the insertion excludes the poly_end
There was a problem hiding this comment.
changed back to strict inequalities
| template <typename Flavor> | ||
| void compute_grand_products(typename Flavor::ProverPolynomials& full_polynomials, | ||
| bb::RelationParameters<typename Flavor::FF>& relation_parameters) | ||
| bb::RelationParameters<typename Flavor::FF>& relation_parameters, |
There was a problem hiding this comment.
needed to modify the computation of z_perm in ECCVMProver
maramihali
left a comment
maramihali
left a comment
There was a problem hiding this comment.
Generally looks good, thanks, some nits and waiting to review the update to active_ranges that would remove the changes from Polynomial class in this PR.
| */ | ||
| void ECCVMProver::execute_wire_commitments_round() | ||
| { | ||
| // We mask the last MASKING_OFFSET coefficients of each wire polynomial. To commit to the masked wires when |
There was a problem hiding this comment.
this is a good idea! do you have plans to integrate it in Mega as a follow-up? if not, it would be good to add an issue or detail in the existing issues the approach taken in ECCVM
There was a problem hiding this comment.
I'll expand some of the existing issues
| // The accumulators are populated until the 2^{CONST_ECCVM_LOG_N}, therefore we commit to a full-sized polynomial | ||
| for (const auto& [wire, label] : | ||
| zip_view(key->polynomials.get_accumulators(), commitment_labels.get_accumulators())) { | ||
| wire.mask(); |
There was a problem hiding this comment.
in oink you introduced a function commit_to_witness_polynomials, it would be probably nice to mirror it here as well
There was a problem hiding this comment.
I'd keep it as is, cause the commitment logic here is waaaay less involved than in Oink
There was a problem hiding this comment.
I kinda like having the masking functionality abstracted in a function so noone in the future forgets to call mask() but not feeling very strongly about it
There was a problem hiding this comment.
agree, added this method
| EXPECT_EQ(result, expected_result); | ||
| } | ||
|
|
||
| /** |
There was a problem hiding this comment.
here's a test to catch the edge case when the last active region contains the last coeff of a poly
| // Pointer to the first element past the active range. Accessing `&polynomial[second]` directly can trigger | ||
| // an assertion when `second == polynomial_size`, so we compute the pointer using `polynomial.data()` | ||
| // to ensure safe range handling. | ||
| auto poly_end = polynomial.data() + (second - polynomial.start_index); |
There was a problem hiding this comment.
not beautiful, but don't have to do &polynomial[circuit_size]
| */ | ||
| void ECCVMProver::execute_wire_commitments_round() | ||
| { | ||
| // We mask the last MASKING_OFFSET coefficients of each wire polynomial. To commit to the masked wires when |
There was a problem hiding this comment.
Maybe: We add MASKING_OFFSET random values to the coefficients of each wire polynomial to not leak information via the commitment and evaluation.
.. or something along these lines
maramihali
left a comment
maramihali
left a comment
There was a problem hiding this comment.
thank you for making the changes!
| // The accumulators are populated until the 2^{CONST_ECCVM_LOG_N}, therefore we commit to a full-sized polynomial | ||
| for (const auto& [wire, label] : | ||
| zip_view(key->polynomials.get_accumulators(), commitment_labels.get_accumulators())) { | ||
| wire.mask(); |
There was a problem hiding this comment.
I kinda like having the masking functionality abstracted in a function so noone in the future forgets to call mask() but not feeling very strongly about it
🤖 I have created a new Aztec Packages release --- ## [0.79.0](v0.78.1...v0.79.0) (2025-03-11) ### ⚠ BREAKING CHANGES * aggregate data for batch calls ([#12562](#12562)) ### Features * add extra attributes to target_info ([#12583](#12583)) ([c296422](c296422)) * add optional oracle resolver url in `acvm_cli` (noir-lang/noir#7630) ([cc6cdbb](cc6cdbb)) * allow to pay via sponsored fpc from cli ([#12598](#12598)) ([877de5c](877de5c)) * array concat method (noir-lang/noir#7199) ([cc6cdbb](cc6cdbb)) * **avm:** ToRadix gadget ([#12528](#12528)) ([02a7171](02a7171)) * aztec-up -v flag ([#12590](#12590)) ([6a41565](6a41565)) * **bb:** consider polynomial end_index when constructing partially evaluated multivariates ([#12530](#12530)) ([abd22cd](abd22cd)) * **config:** add fallbacks ([#12593](#12593)) ([f2f9ef3](f2f9ef3)) * **p2p:** add trusted peers mechanics ([#12447](#12447)) ([d67f7e8](d67f7e8)) * **p2p:** peer manager peer count metrics ([#12575](#12575)) ([b4891c1](b4891c1)) * provision alerts ([#12561](#12561)) ([2ea1767](2ea1767)) * Resolve callstacks in protocol circuit errors on wasm ([#12573](#12573)) ([657299b](657299b)) ### Bug Fixes * aggregate data for batch calls ([#12562](#12562)) ([bd0b3b6](bd0b3b6)) * broken kind transfer test ([#12611](#12611)) ([6e91934](6e91934)) * Cl/release fixes 2 ([#12595](#12595)) ([fc597f4](fc597f4)) * Cl/release noir refs ([#12597](#12597)) ([fdcfcaf](fdcfcaf)) * demote log ([#12626](#12626)) ([bec8953](bec8953)) * deploy method test ([#12609](#12609)) ([f2c06c2](f2c06c2)) * Do not report epoch as complete until blocks have synced ([#12638](#12638)) ([2ddfa76](2ddfa76)), closes [#12625](#12625) * Error on infinitely recursive types (noir-lang/noir#7579) ([cc6cdbb](cc6cdbb)) * get L1 tx utils config from env ([#12620](#12620)) ([d930c01](d930c01)) * Log overflow handling in reset ([#12579](#12579)) ([283b624](283b624)) * metrics update ([#12571](#12571)) ([80a5df2](80a5df2)) * **sandbox:** query release please manifest for version if in a docker container ([#12591](#12591)) ([db8ebc6](db8ebc6)) * **spartan:** setup needs kubectl ([#12580](#12580)) ([753cb33](753cb33)) * update dead partial notes link ([#12629](#12629)) ([5a1dc4c](5a1dc4c)) * update error message to display 128 bits as valid bit size (noir-lang/noir#7626) ([cc6cdbb](cc6cdbb)) * update fallback transport ([#12470](#12470)) ([88f0711](88f0711)) ### Miscellaneous * bump external pinned commits (noir-lang/noir#7640) ([cc6cdbb](cc6cdbb)) * **ci3:** add helper for uncached test introspection ([#12618](#12618)) ([9ac518b](9ac518b)) * **ci3:** better memsuspend_limit comment ([#12622](#12622)) ([de84187](de84187)) * clean up upgrade test and other small things ([#12558](#12558)) ([c28abe1](c28abe1)) * cleanup eth artifacts + misc aztec.js reorg ([#12563](#12563)) ([6623244](6623244)) * **docs:** Updated accounts page ([#12019](#12019)) ([d45dac9](d45dac9)) * Fix mac build ([#12610](#12610)) ([adceed6](adceed6)) * gemini soundness regression test ([#12570](#12570)) ([c654106](c654106)) * more sane e2e_prover/full timeout ([#12619](#12619)) ([add9d35](add9d35)) * reactivate acir_test for `regression_5045` ([#12548](#12548)) ([c89f89c](c89f89c)) * remove unnecessary trait bounds (noir-lang/noir#7635) ([cc6cdbb](cc6cdbb)) * Rename `StructDefinition` to `TypeDefinition` (noir-lang/noir#7614) ([cc6cdbb](cc6cdbb)) * replace relative paths to noir-protocol-circuits ([4f7f5c3](4f7f5c3)) * replace relative paths to noir-protocol-circuits ([0f68d11](0f68d11)) * replace relative paths to noir-protocol-circuits ([8f593ce](8f593ce)) * replace relative paths to noir-protocol-circuits ([251ae38](251ae38)) * rollup library cleanup ([#12621](#12621)) ([361fc59](361fc59)) * **sandbox:** drop cheat-codes log level ([#12586](#12586)) ([24f04c7](24f04c7)) * **sandbox:** expose anvil port ([#12599](#12599)) ([955f1b0](955f1b0)) * **testnet:** updating script for ignition, change naming ([#12566](#12566)) ([2d7b69d](2d7b69d)) * turn on masking in eccvm ([#12467](#12467)) ([aacb91a](aacb91a)) * Update Bb line counting script ([#12350](#12350)) ([7a41843](7a41843)) * update docs to reflect u128 type (noir-lang/noir#7623) ([cc6cdbb](cc6cdbb)) * Validate blobs posted to sink belong to our L2 ([#12587](#12587)) ([9578f1e](9578f1e)), closes [#12497](#12497) ### Documentation * update cli-wallet commands in profiler doc ([#12568](#12568)) ([239a4fb](239a4fb)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please).
2 participants
lagrange_lastin ECCVM to keep it sound.commit_structuredwith active ranges to commit to randomized wires, as they have a huge 0 region fromreal_sizetocircuit_size - MASKING_OFFSET.It closes the translation evaluations arc:
verify_translationpasses when ECCVM wires are masked thanks toECCVMVerifierpropagating thetranslation_masking_term_evaltoTranslatorVerifierCloses AztecProtocol/barretenberg#1238